Enable syslog for services and reformat a few configs
This commit is contained in:
parent
06fce3eb9d
commit
e9302905f9
@ -3,8 +3,8 @@
|
||||
|
||||
. ../APKBUILD-config.template
|
||||
|
||||
pkgver=2021.06.01.03
|
||||
pkgrel=1
|
||||
pkgver=2021.06.25.02
|
||||
pkgrel=0
|
||||
depends="dovecot-lmtpd dovecot-pgsql redxen-secret-letsencrypt-chain redxen-secret-letsencrypt-private"
|
||||
_rx_dovecot_base_src="
|
||||
dovecot.conf
|
||||
@ -39,7 +39,7 @@ package() {
|
||||
}
|
||||
|
||||
sha512sums="
|
||||
fdd1fa6072c77e297766582ef119da55b8d0bea435bfe7c890ca1ea2853a43936edd05ae0a08f001a335930276dcc0f7e160aa8d31ff3d8f4872e36cba37b48b dovecot.conf
|
||||
f9b8dcc6e90a359e16dcfe388b20595a7e5821b13801dfffa6c77a617802128733095029e90b0a81d437a4819c11ccdc30951a81b6ac708597731c5d2e41ee6c dovecot.conf
|
||||
3b28fdfdafaffe19e038b8fd3d3dfdeea51b68c68a148054a1daf618a5ed6e18bdfc58154f9fd32ce982eae9d03e50b3a63ea3a21f9a358e26e4d77164530151 secret
|
||||
5ed93cd8326a1fe604a91acb38da6864ee002877a069fa8f5b67fa10b7213d21966d7500b460cb14cedc063470b346002daf3031fc6be0d25d3bd864ff4b2f2f pgsql.conf
|
||||
"
|
||||
|
@ -3,7 +3,7 @@
|
||||
listen = *, ::
|
||||
|
||||
base_dir = /run/dovecot/
|
||||
instance_name = redxen-production
|
||||
instance_name = dovecot
|
||||
login_greeting = RedXen Mail ready. DO NOT MESS WITH US OR WE WILL CUT YOUR BALLS OFF!
|
||||
|
||||
protocols = imap lmtp
|
||||
|
@ -3,7 +3,7 @@
|
||||
|
||||
. ../APKBUILD-config.template
|
||||
|
||||
pkgver=2021.06.01.03
|
||||
pkgver=2021.06.25.01
|
||||
pkgrel=0
|
||||
source="
|
||||
secret
|
||||
@ -26,5 +26,5 @@ package() {
|
||||
|
||||
sha512sums="
|
||||
9a0dee0934034685c2aba7ebb21283ee73fd240c4cee2aa1cfcec66ba5afc3ed3759b2c79e1facba3e3e0a38fe75f11a7f382d968798ba212c36072238c59190 secret
|
||||
8206984e9fb01cef0b06b366bd6af1cc74227d07404c68d50b0d59fadf409b2868fece46cf7931c78f2315d47385b85f4741cfb9eb397be8fbf4f0c75cb94242 main.ini
|
||||
3bca6bfd458bed43b9b82aaf47d1521bc9557740b50c00e30449aa9674277afee805d784935875693062262f37e88fb6874b20fe3c5dcf5a3a31c7d9bfcec554 main.ini
|
||||
"
|
||||
|
@ -65,3 +65,9 @@ user = 'grafana'
|
||||
password = 'SMTP_AUTH_PASSWORD'
|
||||
from_address = 'grafana@redxen.eu'
|
||||
startTLS_policy = 'MandatoryStartTLS'
|
||||
|
||||
[log]
|
||||
mode = 'syslog'
|
||||
|
||||
[log.syslog]
|
||||
tag = 'grafana'
|
||||
|
@ -3,7 +3,7 @@
|
||||
|
||||
. ../APKBUILD-config.template
|
||||
|
||||
pkgver=2021.06.02.01
|
||||
pkgver=2021.06.25.01
|
||||
pkgrel=0
|
||||
depends="redxen-secret-letsencrypt-full redxen-data-haproxy-errorpages"
|
||||
checkdepends="haproxy"
|
||||
@ -15,5 +15,5 @@ check() {
|
||||
}
|
||||
|
||||
sha512sums="
|
||||
e61aaeb10d902749e8b650392f55fdb35999208dabc99d319c01db9ccba979ad1da825c5fbda24aeef1f7145a334df0170bd3ea2cfd0101d1b0ca885ec5f912c main.cfg
|
||||
fdcf917875b7b04ed4bdffe8712d826aa2b85b17531295915062125be838008c79f6cf4ddb76fe20b87a5d66e2c8d506963f17c1581ffa1b0581bd35e51451fa main.cfg
|
||||
"
|
||||
|
@ -1,110 +1,124 @@
|
||||
global
|
||||
maxconn 2048
|
||||
maxconnrate 40
|
||||
stats socket /run/haproxy.sock mode 600 user telegraf
|
||||
stats timeout 2m
|
||||
maxconn 2048
|
||||
maxconnrate 40
|
||||
|
||||
log 127.0.0.1:514 local0 info
|
||||
|
||||
stats socket /run/haproxy.sock mode 600 user telegraf
|
||||
stats timeout 2m
|
||||
|
||||
defaults
|
||||
mode http
|
||||
retries 3
|
||||
option forwardfor
|
||||
option http-keep-alive
|
||||
option tcp-smart-connect
|
||||
option tcpka
|
||||
option abortonclose
|
||||
balance roundrobin
|
||||
compression algo gzip
|
||||
timeout http-request 10s
|
||||
timeout connect 10s
|
||||
timeout client 60s
|
||||
timeout server 240s
|
||||
timeout http-keep-alive 240s
|
||||
default-server resolvers local init-addr libc,none resolve-opts prevent-dup-ip check
|
||||
mode http
|
||||
|
||||
errorfile 400 /etc/redxen/haproxy/errorpages/400.http
|
||||
errorfile 403 /etc/redxen/haproxy/errorpages/403.http
|
||||
errorfile 408 /etc/redxen/haproxy/errorpages/408.http
|
||||
errorfile 500 /etc/redxen/haproxy/errorpages/500.http
|
||||
errorfile 502 /etc/redxen/haproxy/errorpages/502.http
|
||||
errorfile 503 /etc/redxen/haproxy/errorpages/503.http
|
||||
errorfile 504 /etc/redxen/haproxy/errorpages/504.http
|
||||
log global
|
||||
|
||||
retries 3
|
||||
|
||||
option forwardfor
|
||||
option http-keep-alive
|
||||
option httplog
|
||||
option tcp-smart-connect
|
||||
option tcpka
|
||||
option abortonclose
|
||||
|
||||
balance roundrobin
|
||||
|
||||
compression algo gzip
|
||||
|
||||
timeout http-request 10s
|
||||
timeout connect 10s
|
||||
timeout client 60s
|
||||
timeout server 240s
|
||||
timeout http-keep-alive 240s
|
||||
|
||||
default-server resolvers local init-addr libc,none resolve-opts prevent-dup-ip check
|
||||
|
||||
errorfile 400 /etc/redxen/haproxy/errorpages/400.http
|
||||
errorfile 403 /etc/redxen/haproxy/errorpages/403.http
|
||||
errorfile 408 /etc/redxen/haproxy/errorpages/408.http
|
||||
errorfile 500 /etc/redxen/haproxy/errorpages/500.http
|
||||
errorfile 502 /etc/redxen/haproxy/errorpages/502.http
|
||||
errorfile 503 /etc/redxen/haproxy/errorpages/503.http
|
||||
errorfile 504 /etc/redxen/haproxy/errorpages/504.http
|
||||
|
||||
resolvers local
|
||||
nameserver unbound 127.0.0.1:53
|
||||
resolve_retries 2
|
||||
timeout retry 300ms
|
||||
hold other 100ms
|
||||
hold refused 100ms
|
||||
hold nx 100ms
|
||||
hold timeout 3s
|
||||
hold valid 60s
|
||||
nameserver unbound 127.0.0.1:53
|
||||
|
||||
resolve_retries 2
|
||||
|
||||
timeout retry 300ms
|
||||
|
||||
hold other 100ms
|
||||
hold refused 100ms
|
||||
hold nx 100ms
|
||||
hold timeout 3s
|
||||
hold valid 60s
|
||||
|
||||
listen git-gitea
|
||||
mode tcp
|
||||
bind ipv4@*:2442,ipv6@*:2442
|
||||
option tcp-check
|
||||
server-template gitssh 1 _gitssh._tcp.routinginfo.internal
|
||||
mode tcp
|
||||
bind ipv4@*:2442,ipv6@*:2442
|
||||
option tcp-check
|
||||
server-template gitssh 1 _gitssh._tcp.routinginfo.internal
|
||||
|
||||
frontend http
|
||||
mode http
|
||||
bind ipv4@:443,ipv6@:443 ssl crt /etc/redxen/letsencrypt/full.crt alpn h2,http/1.1
|
||||
bind ipv4@:80,ipv6@:80
|
||||
mode http
|
||||
bind ipv4@:443,ipv6@:443 ssl crt /etc/redxen/letsencrypt/full.crt alpn h2,http/1.1
|
||||
bind ipv4@:80,ipv6@:80
|
||||
|
||||
acl root path /
|
||||
acl seedbox hdr_beg(host) -i seed.redxen
|
||||
acl root path /
|
||||
acl seedbox hdr_beg(host) -i seed.redxen
|
||||
|
||||
redirect prefix /web code 302 if seedbox root
|
||||
redirect prefix /web code 302 if seedbox root
|
||||
|
||||
http-response set-header X-Forwarded-Proto https
|
||||
http-response set-header X-XSS-Protection 1;\ mode=block
|
||||
http-response set-header X-Content-Type-Options nosniff
|
||||
http-response set-header Referrer-Policy no-referrer-when-downgrade
|
||||
http-response set-header Strict-Transport-Security max-age=31536000;\ includeSubDomains;\ preload
|
||||
http-response set-header X-Forwarded-Proto https
|
||||
http-response set-header X-XSS-Protection 1;\ mode=block
|
||||
http-response set-header X-Content-Type-Options nosniff
|
||||
http-response set-header Referrer-Policy no-referrer-when-downgrade
|
||||
http-response set-header Strict-Transport-Security max-age=31536000;\ includeSubDomains;\ preload
|
||||
|
||||
use_backend backend-transmission if seedbox
|
||||
use_backend backend-transmission if seedbox
|
||||
use_backend backend-root if { hdr_beg(host) -i redxen }
|
||||
use_backend backend-grafana if { hdr_beg(host) -i stats.redxen }
|
||||
#use_backend backend-pleroma if { hdr_beg(host) -i social.redxen }
|
||||
use_backend backend-gitea if { hdr_beg(host) -i git.redxen }
|
||||
use_backend backend-seedown if { hdr_beg(host) -i sd.redxen }
|
||||
use_backend backend-packages if { hdr_beg(host) -i packages.redxen }
|
||||
#use_backend backend-monerod if { hdr_beg(host) -i monerod.redxen }
|
||||
|
||||
use_backend backend-root if { hdr_beg(host) -i redxen }
|
||||
use_backend backend-grafana if { hdr_beg(host) -i stats.redxen }
|
||||
# use_backend backend-pleroma if { hdr_beg(host) -i social.redxen }
|
||||
use_backend backend-gitea if { hdr_beg(host) -i git.redxen }
|
||||
use_backend backend-seedown if { hdr_beg(host) -i sd.redxen }
|
||||
use_backend backend-packages if { hdr_beg(host) -i packages.redxen }
|
||||
# use_backend backend-monerod if { hdr_beg(host) -i monerod.redxen }
|
||||
backend backend-root
|
||||
server-template root 1 _root._tcp.routinginfo.internal
|
||||
option httpchk HEAD / HTTP/1.1
|
||||
http-check send hdr Host redxen.eu
|
||||
|
||||
backend backend-root
|
||||
server-template root 1 _root._tcp.routinginfo.internal
|
||||
option httpchk HEAD / HTTP/1.1
|
||||
http-check send hdr Host redxen.eu
|
||||
backend backend-transmission
|
||||
server-template transmission 1 _transmission._tcp.routinginfo.internal
|
||||
|
||||
backend backend-transmission
|
||||
server-template transmission 1 _transmission._tcp.routinginfo.internal
|
||||
backend backend-grafana
|
||||
server-template grafana 1 _grafana._tcp.routinginfo.internal
|
||||
option httpchk HEAD / HTTP/1.1
|
||||
http-check send hdr Host stats.redxen.eu
|
||||
|
||||
backend backend-grafana
|
||||
server-template grafana 1 _grafana._tcp.routinginfo.internal
|
||||
option httpchk HEAD / HTTP/1.1
|
||||
http-check send hdr Host stats.redxen.eu
|
||||
backend backend-seedown
|
||||
server-template seedown 1 _seedown._tcp.routinginfo.internal
|
||||
option httpchk HEAD / HTTP/1.1
|
||||
http-check send hdr Host sd.redxen.eu
|
||||
|
||||
backend backend-seedown
|
||||
server-template seedown 1 _seedown._tcp.routinginfo.internal
|
||||
option httpchk HEAD / HTTP/1.1
|
||||
http-check send hdr Host sd.redxen.eu
|
||||
backend backend-packages
|
||||
server-template packages 1 _packages._tcp.routinginfo.internal
|
||||
option httpchk HEAD / HTTP/1.1
|
||||
http-check send hdr Host packages.redxen.eu
|
||||
|
||||
backend backend-packages
|
||||
server-template packages 1 _packages._tcp.routinginfo.internal
|
||||
option httpchk HEAD / HTTP/1.1
|
||||
http-check send hdr Host packages.redxen.eu
|
||||
#backend backend-pleroma
|
||||
# server-template pleroma 1 _pleroma._tcp.routinginfo.internal
|
||||
# option httpchk HEAD / HTTP/1.1
|
||||
# http-check send hdr Host social.redxen.eu
|
||||
|
||||
# backend backend-pleroma
|
||||
# server-template pleroma 1 _pleroma._tcp.routinginfo.internal
|
||||
# option httpchk HEAD / HTTP/1.1
|
||||
# http-check send hdr Host social.redxen.eu
|
||||
backend backend-gitea
|
||||
server-template gitea 1 _gitea._tcp.routinginfo.internal
|
||||
option httpchk HEAD / HTTP/1.1
|
||||
http-check send hdr Host gitea.redxen.eu
|
||||
|
||||
backend backend-gitea
|
||||
server-template gitea 1 _gitea._tcp.routinginfo.internal
|
||||
option httpchk HEAD / HTTP/1.1
|
||||
http-check send hdr Host gitea.redxen.eu
|
||||
|
||||
# backend backend-monerod
|
||||
# server-template monerod 1 _monerod._tcp.routinginfo.internal
|
||||
# option httpchk POST /json_rpc HTTP/1.1
|
||||
# http-check send body \{\"method\"\:\"get_version\"\} hdr Content-Type application/json
|
||||
#backend backend-monerod
|
||||
# server-template monerod 1 _monerod._tcp.routinginfo.internal
|
||||
# option httpchk POST /json_rpc HTTP/1.1
|
||||
# http-check send body \{\"method\"\:\"get_version\"\} hdr Content-Type application/json
|
||||
|
@ -3,7 +3,7 @@
|
||||
|
||||
. ../APKBUILD-config.template
|
||||
|
||||
pkgver=2021.06.02.01
|
||||
pkgver=2021.06.25.02
|
||||
pkgrel=0
|
||||
depends="nginx-mod-http-zip"
|
||||
checkdepends="nginx"
|
||||
@ -39,7 +39,7 @@ check() {
|
||||
}
|
||||
|
||||
sha512sums="
|
||||
15708a8662984cbfc3d78c3337aa35a0e82586e2e7ba1430c2b99b5b584468e63899b40b5c15f29d892af2901135d9dc5dfdf2ea7469dd7382e7f25a797253e2 main.conf
|
||||
7f5ab9650a84e073d2ae9916c0223ca4f3e3815fe4e46f83a1300423c7f541d62bda627d103804dd875555a7c132736903b7f75ac564354b90dee1f138cdae4a main.conf
|
||||
1a330386c6119487a338d78a23a4e116983c333f82373faaa527e22518d71959a0f330968da764ca884dd4dea227c3cf4d2f6252b1dd7f3488ef08543712788d seedbox.conf
|
||||
5ae68165edab56f41e51ad5b608a29121db878aed0309882927207d4ea9ec5e505a78b194bc8df8f943259130300edd4aa49b2e23a4ee705fa9ea761533fd133 alpine.conf
|
||||
2657b0bdfc001f94159a8cddc928e666cb20055b3df42dd0ec48146c6952c3c7b3957af52612d35d38199fde76ee0c96cb0ea39ed38e13bcc608088c88dc3a88 homepage.conf
|
||||
|
@ -5,6 +5,8 @@ events {
|
||||
}
|
||||
|
||||
http {
|
||||
access_log syslog:server=127.0.0.1;
|
||||
error_log syslog:server=127.0.0.1;
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
tcp_nopush on;
|
||||
|
@ -18,7 +18,7 @@ package() {
|
||||
}
|
||||
|
||||
sha512sums="
|
||||
ee33ef1dd1e2afaea8336e94fd754c3ed5eff7d312de233fbbbf8371d736b1bec03d8c436d8b9360e04048b4548c3d3d488ca940c63b8e5645d143298b9fce18 postgresql.conf
|
||||
f99d965fe866efdec56cf2ceba632b6a22093de49b707eb41fbfdd41656e58a934d266a6b165089e9d4a1958814bb936313ecab478f1dbf23c9149950a9f7973 postgresql.conf
|
||||
5fbe3051fd563b1afbbd00e64a7923c415206522984790345cb161e0f3a96c24c46126fc0ad0ac0a28e1047b9d2cef6bfc5446abf5b1d42534a44e99a71a416e pg_hba.conf
|
||||
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e pg_ident.conf
|
||||
"
|
||||
|
@ -63,7 +63,7 @@ min_wal_size = 80MB
|
||||
#------------------------------------------------------------------------------
|
||||
|
||||
log_line_prefix = '%m [%p] %q%u@%d '
|
||||
log_timezone = 'Europe/Berlin'
|
||||
log_destination = syslog
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# PROCESS TITLE
|
||||
|
@ -3,7 +3,7 @@
|
||||
|
||||
. ../APKBUILD-config.template
|
||||
|
||||
pkgver=2021.06.01.03
|
||||
pkgver=2021.06.25.01
|
||||
pkgrel=0
|
||||
source="redxen.conf"
|
||||
|
||||
@ -13,5 +13,5 @@ package() {
|
||||
}
|
||||
|
||||
sha512sums="
|
||||
35f292d3de4c7dfc9340ded312c4550431599c2704b5f036e62a758bd0a11bd8d3f5bad38680b0b7f54ccba725d3749232821d3c08cd954529ae1b2c2fccbd61 redxen.conf
|
||||
ab965b3ce221bf15e8d9e37704db58969a6e6aa057f9ca5584eb9dc5540f935c26fd360da1547a7dd831836db97a4953f0803ebd5dca6502418e0a37245b63e5 redxen.conf
|
||||
"
|
||||
|
@ -15,10 +15,9 @@ tcp-keepalive 300
|
||||
supervised no
|
||||
|
||||
loglevel notice
|
||||
logfile /var/log/redis/redis.log
|
||||
syslog-enabled yes
|
||||
# syslog-ident redis
|
||||
# syslog-facility local0
|
||||
syslog-ident redis
|
||||
syslog-facility local0
|
||||
|
||||
databases 16
|
||||
always-show-logo no
|
||||
|
@ -1,16 +1,8 @@
|
||||
logging {
|
||||
type = "syslog";
|
||||
facility = "rspamd";
|
||||
level = "info";
|
||||
|
||||
# Show statistics for regular expressions
|
||||
log_re_cache = true;
|
||||
|
||||
# Can be used for console logging
|
||||
color = false;
|
||||
|
||||
# Log with microseconds resolution
|
||||
log_usec = false;
|
||||
|
||||
# Enable debug for specific modules (e.g. `debug_modules = ["dkim", "re_cache"];`)
|
||||
debug_modules = []
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user